All is not completely rosy in microservice-land. It is often a sign of an architectural approach’s maturity that in addition to the emergence of well established principles and practices, that anti-patterns also begin to be identified and classified. In this talk we introduce the 2016 edition of the seven deadly sins that if left unchecked could easily ruin your next microservices project... This talk will take a tour of some of the nastiest anti-patterns in microservices, giving you the tools to not only avoid but also slay these demons before they tie up your project in their own special brand of hell.
Topics covered include: Pride - selfishly ignoring the new requirements for testing; Envy - introducing inappropriate intimacy within services by creating a shared domain model; Wrath - failing to deal with the inevitable bad things that occur within a distributed system; Sloth - composing services in a lazy fashion, which ultimately leads to the creation of a “Distributed Monolith”; and Lust - embracing the latest and greatest technology without evaluating the operational impact incurred by these choices.
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
QCon NY 2016: "The Seven (More) Deadly Sins of Microservices"
1. The Seven (More) DEADLY SINS OF Microservices
Daniel Bryant
@danielbryantuk
OpencRedo
2. Previously, AT QCON NYC 2015...
14/06/2016 @danielbryantuk
https://www.infoq.com/presentations/7-sins-microservices
3. The Seven (more) Deadly Sins of Microservices
1. LUST - Using the (Unevaluated) latest and greatest tech…
2. GLUTTONY - Communication lock-in
3. GREED - What'S Mine is mine (within the organisation)…
4. SLOTH - Getting lazy with NFRs
5. WRATH - Blowing up when bad things happen
6. ENVY - The shared single domain (and data store) fallacy
7. PRIDE - testing in the world of transience
14/06/2016 @danielbryantuk
4. @danielbryantuk
• Chief Scientist at OpenCredo
ü Transformingorganisationsthrough technology and teams
ü Agile, Lean, Architecture, CI/CD, DevOps
ü Microservices, cloud, Containers, Java, Go, Docker, Kubernetes
• London Java Community Associate
• Adopt OpenJDK and JSR
• InfoQ Editor, DZone MVB, VOXXED, O'Reilly
14/06/2016 @danielbryantuk
5. 1. Lust - Using THE LATEST and Greatest Tech…
14/06/2016 @danielbryantuk
6. Previously...
• Microservices are not always a best fit
– Architectural skills, stage of business, Devops
• Evaluation (and documentation) are under-used skills
– Language, Frameworks, Middleware, data stores
14/06/2016 @danielbryantuk
7. Evaluation - are Microservices A good fit?
• Not understanding principles (Cargo-culting)
– Not built around business Functionality
– Mini-monoliths
• “our 'mode TWO' apps are Microservices”
– No transformation / migration plan
– SOE evolution limited by SOR
– Lipstick on the pig
• No Well-defined DevOps / SRE / Ops
– Deployment/ops free-for-all
14/06/2016 @danielbryantuk
10. Evaluation - Fitness functions
• Microservices as an Evolutionary Architecture
– Neal Ford and Rebecca Parsons
• Great for evaluation and documentation
– Platforms/ Language
– Middleware
– Data stores
14/06/2016 @danielbryantuk
11. Evaluation - The’Spine Model
• Effective conversations make for effective
collaboration
• It's a TOOL Problem
– As a species, we have always been Tool users
and makers.
– We use _____ to get our work done
• People get stuck in a dilemma where equally
plausible options are available
• “Going up the Spine” breaks deadlock http://spinemodel.info/explanation/introduction/
12. Determine the need for the tool
• PRACTICES before Tools
– Decide on the Practices that the tools are there to support
– We do _____ to create value
• PRINCIPLES before Practices
– Decide on the Principles to measure those Practices against.
– We leverage _____ to change the system
• VALUES before Principles
– Make as explicitas possible the Values at playin the system.
– We optimise for _____
• NEEDS before Values
– It all starts at Needs. Why does this system exist in the first
place?
– We are here to satisfy _____
http://spinemodel.info/explanation/introduction/
13. 2. GLUTTONY - Communication lock-in
14/06/2016 @danielbryantuk
14. Rpc - not the devil in disguise
• Don'T rule out RPC (e.g. grpc)
– Sometimes the contract (and speed) are beneficial
– Human readability of JSON is over-rated
• Stick to rest (JSON over HTTPS) on the front-end
– Principle of least surprise
– Best support in Javascript/mobile
14/06/2016 @danielbryantuk
15. The ESB is dead - long live the esb!
14/06/2016 @danielbryantuk
16. The ESB is dead - long live the esb!
14/06/2016 @danielbryantuk
17. The ESB is dead - long live the esb!
14/06/2016 @danielbryantuk
• Is this an ESB?
• Or an API gateway?
18. The ESB is dead - long live the API Gateway!
14/06/2016 @danielbryantuk
• Watch for the API Gateway morphing
into an Enterprise service bus
– Loose coupling is vital
• But let me be clear...
– The API Gateway pattern is awesome
– Centralise cross-cutting concerns
– Prevent wheel-reinvention (plugins)
– Check out kong, apigee, AWS API Gateway,
Mulesoft etc
19. ESB != Event Bus
14/06/2016 @danielbryantuk
www.infoq.com/news/2016/02/not-just-microservices www.youtube.com/watch?v=0pfghZxlFSg
20. 3. GREED - What'S mine is mine... (within the organisation)…
14/06/2016 @danielbryantuk
21. Previously...
• Conway'S Law
• Microservices are about people, as much as they are tech
• Get your business ready
14/06/2016 @danielbryantuk
22. We hear this a lot...
“We’ve decided to reform our teams around squads, chapters and guilds”
• Beware of cargo-culting
– Repeat three times “We are not spotify”
• Understand the practices, principles, values etc
14/06/2016 @danielbryantuk
23. Empathy - The Hidden ingredient in Good software development
14/06/2016 @danielbryantuk
http://www.ustream.tv/recorded/86154111
24. 4. SLOTH - Getting Lazy with NFRs
14/06/2016 @danielbryantuk
25. Getting lazy with non-Functional Requirements
“The driving technical requirements for a system should be identified early
to ensure they are properly handled in subsequent design”
Aidan Casey
Guiding principles for evolutionary architecture
14/06/2016 @danielbryantuk
26. Getting lazy with non-Functional Requirements
• The 'ilities' Can be (often) be an afterthought
– Availability, Scalability, auditability, testability etc
• Agile/Lean: Delay decisions to the ‘last responsible moment’
– NewsFlash - Sometimes this is up-front
• It can be costly (or prohibitive) to adapt late in the project
– Microservices don'T make this easier (sometimes more difficult)
14/06/2016 @danielbryantuk
28. 5. WRATH - Blowing up when bad things happen
14/06/2016 @danielbryantuk
29. Previously - Bring in Michael Nygard (Or some monkeys)
14/06/2016 @danielbryantuk
30. Technical Pain point - Distributed transactions
• Don't
– (where possible)
– Push transactional scope into single service
• Supervisor/Process Manager
– E.g. Erlang OTP, Akka, EIP
• SAGA pattern
– Workflows providing a path (fork) of
compensating actions
14/06/2016 @OpenCredo
31. People Pain point - How does Devops fit into this?
• http://web.devopstopologies.com/
• @ matthewpskelton
• @beerops and @sigje
• Google SRE
14/06/2016 @danielbryantuk
32. Devops - define responsibilities
• Do you really want to build an
entire microservices platform?
• Focus on what matters
– Ci/CD
– Mechanical sympathy
– Logging
– Monitoring
14/06/2016 @danielbryantuk
33. Devops - the 'fullstack engineer' myth
“I'M sorry, but if you'RE not designing the computer chips and
writing the website, then I don'T wanna hear from you”
Charity Majors (@mipsytipsy), CraftConf 2016
http://www.ustream.tv/recorded/86181845
14/06/2016 @danielbryantuk
35. 6. ENVY - The shared SINGLE domain (and Data Store) fallacy
14/06/2016 @danielbryantuk
36. Previously - One Model to Rule Them All...
• One model…
– Breaks encapsulation
– Introduces coupling
• Know your DDD
– Entities
– Value Objects
– Aggregates and Roots
14/06/2016 @danielbryantuk
38. Choose (and use) data stores appropriately
• RDBMS
– Valuable for structured data
• Cassandra is Awesome
– but don'T treat it like an RDBMS!
• Don'T build a graph with RDBMS
– Use neo4j, Titan etc
• Datagrids e.g. Hazelcast
– Caching, distributed processing
14/06/2016 @danielbryantuk
39. 7. PRIDE - testing in the world of transience
14/06/2016 @danielbryantuk
40. Previously...
• Local verification
– Consumer-based contracts
• End-to-end
– BDD-style critical path
• Remember the test pyramid
14/06/2016 @danielbryantuk
martinfowler.com/articles/microservice-testing/
41. Service virtualisation / API simulation
• Virtualise request/response of services
– Unavailable
– Expensive to run
– Fragile/brittle
– Non-deterministic
– Cannot simulate failures
https://dzone.com/articles/continuously-delivering-soa
14/06/2016 @danielbryantuk
42. Service virtualisation
• Classics
– CA service virtualization
– Parasoft virtualize
– HPE service virtualization
– IBM Test Virtualization server
• New kids on the block
– Hoverfly
– Wiremock
– VCR/Betamax
– Mountebank
– mirage
14/06/2016 @danielbryantuk
43. Hoverfly
• Lightweight Service virtualisation
– Open source (Apache 2.0)
– Go-based / single binary
– Written by @Spectolabs
• Flexible API simulation
– HTTP / HTTPS
– More Protocols to follow?
14/06/2016 @danielbryantuk
48. Avoid being a sinner...
• Strategy
• Principles/Preparation
• Responsibilities
• Defined and shared
• Understood and appropriate
• Clear and c0mmunicated
14/06/2016 @danielbryantuk
52. Principles/Preparation - In the olden days
“Give me six hours to chop down a tree
and I will spend the first four sharpening the axe”
Abraham Lincoln
14/06/2016 @danielbryantuk
53. Principles/Preparation - What I See...
“Give me six hours to chop down a tree
and I will begin planning the construction of a large-scale lumber yard
And on The second day I will discover no-one knows how to use an axe
And on The third day I will buy a handsaw and begin sawing”
Me, attempting to be humourus
14/06/2016 @danielbryantuk
56. Responsibilities
• Define Responsibilities
– RACI / RASCI
• Architecture
– Super important in microservices
– Less ivory towers, more sim city
• Devops
– Not a free-for-all
– No fullstack heros
14/06/2016 @danielbryantuk
57. The Seven (more) Deadly Sins of Microservices
1. LUST - Using the (Unevaluated) latest and greatest tech…
2. GLUTTONY - Communication lock-in
3. GREED - What'S Mine is mine (within the organisation)…
4. SLOTH - Getting lazy with NFRs
5. WRATH - Blowing up when bad things happen (txns and ops)
6. ENVY - The shared single domain (and data store) fallacy
7. PRIDE - testing in the world of transience
14/06/2016 @danielbryantuk
58. The Seven (more) Deadly Sins of Microservices
1. LUST - Using the (Unevaluated) latest and greatest tech…
2. GLUTTONY - Communication Lock-in
3. GREED - What'S Mine is mine (within the organisation)…
4. SLOTH - Getting lazy with NFRs
5. WRATH - Blowing up when bad things happen (txns and ops)
6. ENVY - The shared single domain (and data store) fallacy
7. PRIDE - testing in the world of transience
14/06/2016 @danielbryantuk